{"id":16851,"date":"2023-09-06T15:02:17","date_gmt":"2023-09-06T15:02:17","guid":{"rendered":"http:\/\/www.namorgy.com\/blog\/?p=16851"},"modified":"2023-09-06T15:02:21","modified_gmt":"2023-09-06T15:02:21","slug":"hackers-hijacked-microsofts-trust-model-to-make-their-malware-harder-to-detecthackers","status":"publish","type":"post","link":"http:\/\/www.namorgy.com\/blog\/2023\/09\/06\/hackers-hijacked-microsofts-trust-model-to-make-their-malware-harder-to-detecthackers\/","title":{"rendered":"Hackers hijacked Microsoft\u2019s trust model to make their malware harder to detect"},"content":{"rendered":"\n<p>By Wired.com<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/media.wired.com\/photos\/64e3ed7eef8671d76d4a8b81\/master\/w_1920,c_limit\/A-New-Supply-Chain-Attack-Hit-Close-to-100-Victims%E2%80%94and-Clues-Point-to-China-Security-GettyImages-1587519761.png\" alt=\"\"\/><\/figure>\n\n\n\n<p>EVERY SOFTWARE SUPPLY\u00a0chain attack, in which hackers corrupt a legitimate application to push out their malware to hundreds or potentially thousands of victims, represents a disturbing new outbreak of a cybersecurity scourge. But when that\u00a0<a href=\"https:\/\/www.wired.com\/story\/hacker-lexicon-what-is-a-supply-chain-attack\/\">supply chain attack<\/a>\u00a0is pulled off by a mysterious group of hackers, abusing a Microsoft trusted software model to make their malware pose as legitimate, it represents a dangerous and potentially new adversary worth watching.<\/p>\n\n\n\n<p>Beyond the usual disturbing breach of trust in legitimate software that occurs in every software supply chain, Symantec says, the hackers also managed to get their malicious code\u2014a backdoor known as Korplug or PlugX and commonly used by Chinese hackers\u2014digitally signed by Microsoft. 
The signature, which Microsoft typically uses to designate trusted code, made the malware far harder to detect.<\/p>\n\n\n\n<p>Read more at : <a href=\"https:\/\/www.wired.com\/story\/carderbee-china-hong-kong-supply-chain-attack\/\">https:\/\/www.wired.com\/story\/carderbee-china-hong-kong-supply-chain-attack\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Wired.com EVERY SOFTWARE SUPPLY\u00a0chain attack, in which hackers corrupt a legitimate application to push out their malware to hundreds or potentially thousands of victims, represents a disturbing new outbreak &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"sfsi_plus_gutenberg_text_before_share":"","sfsi_plus_gutenberg_show_text_before_share":"","sfsi_plus_gutenberg_icon_type":"","sfsi_plus_gutenberg_icon_alignemt":"","sfsi_plus_gutenburg_max_per_row":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-16851","post","type-post","status-publish","format-standard","hentry","category-uncategorized"]}